&nbsp;fosstodon.org <a class="text-base" href="/search?q=%24fosstodon.org" title="Search for fosstodon.org">

musl libc (@musl@fosstodon.org)

4 4

OpenSSH sshd on musl-based systems is not vulnerable to RCE via CVE-2024-6387 (regreSSHion). This is because we do not use localtime in log timestamps and do not use dynamic allocation (because it could fail under memory pressure) for printf formatting. While the sshd bug is UB (AS-unsafe...

#ssh #musl #infosec #инфобез

13h ago

From pirati.cz

https://mastodon.pirati.cz

1 1

Garrick Aden-Buie (@grrrck@fosstodon.org)

1 1

@alans@social.lol good point, thanks! To install the extension, you can go to the “Extensions” panel in the sidebar and search for “Positron +1e”. Then click the install button or browse the reader to find individual extensions to install!

4h ago

From github.com

Collect month data · jaandrle/fedilist-mastodon-cz@13c68f9

1 1

Stahování/porovnání přírustku uživatelů dle fedilistu - Collect month data · jaandrle/fedilist-mastodon-cz@13c68f9

16h ago

1 1

There is something that have been bothering me for past few months, and resulted in me archiving node-ip repo on github: https://github.com/advisories/GHSA-78xj-cgh5-2h22 Someone filed a dubious CVE about my npm package, and then I started getting messages from all people getting warnings from...

20h ago

1 1

It looks like there are entities that in theory should fill the void in OSS community and provide resources for managing security reports for overloaded maintainers. (I'm looking at you SNYK) However, the verification process of vulnerability reports doesn't involve maintainer at all, and it...

20h ago

1 1

For that dicer bug in particular, I don't think it is reproducible as described in the advisory's PoC: https://gist.github.com/indutny-signal/9602403f5b0a946d139398e9bad8222c Furthermore the PoC doesn't seem to involve dicer at all: https://security.snyk.io/vuln/SNYK-JS-DICER-2311764 What's...

20h ago

1 1

Update: GitHub got back to me and decided to lower the vulnerability rating in response to my feedback. Furthermore, they advised me to enable Private Vulnerability Reporting feature so that I could get a chance at tackling the reports before they hit all package users next time. Great...

20h ago

Jan Andrle (@jaandrle@fosstodon.org)

1 1

Attached: 1 image #mastodon #česko #statistika „České instance” mají **orientačně**: * 13,1 tis. uživ.¹ ² * za únor +~65 ³, březen +~50 ¹ uživ. * MAU ~1,8 tis.⁴ „Slovenské instance” #slovensko: * ~457 uživ.² Předch. příspěvek z 2. 2. 24:...

16h ago

TalkTech (@talktech@fosstodon.org)

1 1

I am thinking of moving my blog away from Wordpress. Current: https://talktech.info/ Demo: https://blog.talktech.info/ Demo using Grav. What do you think is better? #Question #Grav #Wordpress [ ] Wordpress [ ] Grav

9h ago

Pamela Fox (@pamelafox@fosstodon.org)

1 1

Attached: 1 image Dannng, ruff finally took away "ruff ."! Now you gotta do "ruff check ." That's 6 more characters! And takes me away from my fantasy of being a dog at a keyboard. Sigh, life is ruff.

11h ago

From mobileatom.net

K.I.S.S. - Why I moved my main site from Drupal to Grav CMS | Mobile Atom Code

1 1

Specializing in content management and production for small organizations, Mobile Atom Code works with you to simplify the creation and maintenance of your online content.

8h ago

Loren (@lorenipsum@fosstodon.org)

1 1

Attached: 1 video Anyone ave advice on ow to fix tis?

13h ago

Jodie Burchell 🇦🇺🇩🇪 (@t_redactyl@fosstodon.org)

1 1

I've written up the first part of my #pyconit keynote talk as a blog post (finally back to writing for my personal blog!). If you are curious about whether #language use in #LLMs is really reaching human-like levels, give it a...

4h ago

Bruno Rodrigues :rstats: :tux: (@brodriguesco@fosstodon.org)

1 1

we are getting near to a CRAN release, please try to break the package if you're interested in building reproducible development environments as an #RStats user, give rix a try ! https://b-rodrigues.github.io/rix/index.html

18h ago

Allan Chow (@grumpasaurus@fosstodon.org)

1 1

Attached: 1 image This book has been out of print for decades and is truly a lesson for anyone joining any organization... or anyone who's worked on any legacy process (image descriptions populated)

7h ago

Kátia Nakamura (@katianakamura@fosstodon.org)

1 1

Attached: 1 image #Django 5.1 feature: Middleware to require authentication by default - LoginRequiredMiddleware redirects all unauthenticated requests to the login page by default. - Use the login_not_required() decorator for exceptions. - Only supports the view-function-level...

8h ago

Gabriele Svelto (@gabrielesvelto@fosstodon.org)

1 1

Never thought I'd agree with someone from GS > AI technology is exceptionally expensive, and to justify those costs, the technology must be able to solve complex problems, which it isn't designed to do," [...] The starting point for costs is also so high that even if costs decline, they would...

#AI #virginia #datacentres #GoldmanSachs #environmental

16h ago

From dc09.ru

Post by Andrey DarkCat09, @darkcat09@dc09.ru

2 2

**Уязвимость в OpenSSH с RCE, обновляйтесь до 9.8p1** Вкратце: при асинхронной обработке сигнала SIGALRM при таймауте аутентификации вызывается `syslog()`, который на некоторых реализациях libc вызывает небезопасные для асинка APIшки, из-за чего создаётся "состояние гонки" (race condition). ...

#musl #ssh #infosec #инфобез

16h ago

From github.com

fedilist-mastodon-cz/mastodon-list--2024-07-01T12:03.csv at main · jaandrle/fedilist-mastodon-cz

1 1

Stahování/porovnání přírustku uživatelů dle fedilistu - jaandrle/fedilist-mastodon-cz